letsencrypt-cert-exists

Example:

# Install a letsencrypt certificate.
- letsencrypt-cert-exists:
    letsencrypt_cert_domains:
    - dev.frkl.io
    letsencrypt_email: [email protected]

Description

Request and set up a Let's Encrypt certificate for a hostname.

This also creates a cron job that monitors the certificate for expiration and renews it if necessary.

If webserver_service_name is provided, that service is stopped before the certificate request and restarted afterwards.

Resources

Variables

| Name | Type | Default | Description |
|---|---|---|---|
| domain_names | list | -- | The hostname(s). Required |
| document_root | string | /var/www | The webroot path for the webserver (check underlying role for details). |
| email | string | -- | The email address to use with the letsencrypt service. |
| letsencrypt_staging | boolean | False | This is useful for development, as the production server only allows for a certain number of certificate requests per day/week. |
| renewal_command | string | -- | The command to use for renewal in the cron job (check underlying role for details). |
| webserver_service_name | string | -- | The webserver service name, to be able to stop the service before cert request. |
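A post-run check, added here as an example and not part of the frecklet or the freckles project: it audits a certificate, in the dict form returned by Python's `SSLSocket.getpeercert()`, for a staging issuer left over from `letsencrypt_staging`, an expiry the renewal cron job should already have handled, and any of the `domain_names` missing from the certificate. The staging issuer markers, the 30-day threshold and the sample certificate are assumptions constructed for illustration.

```python
import ssl
from datetime import datetime, timezone

# Assumed markers of Let's Encrypt staging issuers (untrusted by browsers).
STAGING_MARKERS = ("(STAGING)", "Fake LE")
RENEW_BEFORE_DAYS = 30  # assumed alert threshold, not a value from the page


def _common_name(rdns):
    """Return the commonName from an ssl-style tuple of RDNs, or ''."""
    return next((v for rdn in rdns for k, v in rdn if k == "commonName"), "")


def _covers(san, host):
    """Match host against one DNS SAN entry, allowing a single-label wildcard."""
    san, host = san.lower(), host.lower()
    if san.startswith("*."):
        return "." in host and host.split(".", 1)[1] == san[2:]
    return san == host


def audit_cert(cert, domain_names, now):
    """Return a list of findings for a dict shaped like getpeercert() output."""
    findings = []
    issuer = _common_name(cert.get("issuer", ()))
    if any(marker in issuer for marker in STAGING_MARKERS):
        findings.append(f"staging issuer: {issuer}")
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    days_left = (datetime.fromtimestamp(not_after, timezone.utc) - now).days
    if days_left < RENEW_BEFORE_DAYS:
        findings.append(f"expires in {days_left} days")
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    for host in domain_names:
        if not any(_covers(san, host) for san in sans):
            findings.append(f"not covered: {host}")
    return findings


# Constructed sample shaped like getpeercert() output, not a real certificate.
SAMPLE = {
    "issuer": ((("commonName", "(STAGING) Artificial Apricot R3"),),),
    "notAfter": "Jun 20 12:00:00 2024 GMT",
    "subjectAltName": (("DNS", "dev.frkl.io"),),
}

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    for finding in audit_cert(SAMPLE, ["dev.frkl.io", "www.frkl.io"], now):
        print(finding)
```

An empty list means the certificate is production-issued, outside the renewal window and covers every requested hostname.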

Examples

Example 1

Install a letsencrypt certificate.

Code
- letsencrypt-cert-exists:
    letsencrypt_cert_domains:
    - dev.frkl.io
    letsencrypt_email: [email protected]

Code

doc:
  short_help: Ensures a letsencrypt https certificate for a hostname exists.
  help: |
    Request and setup a lets-encrypt certificate for a hostname.

    This also creates a cron-job that monitors the certificate for
    expiration, and re-news it if necessary.

    If ``webserver_service_name`` is provided, that service is stopped before cert request, and restarted after.
  references:
    "'thefinn93.letsencrypt' Ansible role": https://github.com/thefinn93/ansible-letsencrypt
  examples:
  - title: Install a letsencrypt certificate.
    vars:
      letsencrypt_cert_domains:
      - dev.frkl.io
      letsencrypt_email: [email protected]

args:
  domain_names:
    required: true
    type: list
    schema:
      type: string
    doc:
      short_help: The hostname(s).
    cli:
      metavar: HOST_NAME
      param_decls:
      - --domain
  email:
    required: false
    type: string
    doc:
      short_help: The email address to use with the letsencrypt service.
    cli:
      metavar: EMAIL
  letsencrypt_staging:
    type: boolean
    doc:
      short_help: Whether to use the letsencrypt staging server instead of production.
      help: |
        This is useful for development, as the production server only allows for a certain number of certificate
        requests per day/week.
    required: false
    default: false
    cli:
      is_flag: true
  renewal_command:
    type: string
    required: false
    doc:
      short_help: The command to use for renewal in the cron job (check underlying
        role for details).
  document_root:
    type: string
    required: false
    default: /var/www
    doc:
      short_help: The webroot path for the webserver (check underlying role for details).
  webserver_service_name:
    type: string
    required: false
    doc:
      short_help: The webserver service name, to be able to stop the service before
        cert request.

meta:
  tags:
  - letsencrypt
  - https
  - featured-frecklecutable
  - setup

frecklets:
- systemd-services-stopped:
    frecklet::skip: '{{:: webserver_service_name | true_if_empty ::}}'
    services:
    - '{{:: webserver_service_name ::}}'
- frecklet:
    type: ansible-role
    name: thefinn93.letsencrypt
    resources:
      ansible-role:
      - thefinn93.letsencrypt
    properties:
      idempotent: true
      elevated: true
      internet: true
    desc:
      short: "get https certificates for: {{:: domain_names | join(', ') ::}}"
      references:
        "'thefinn93.letsencrypt' Ansible role": https://github.com/thefinn93/ansible-letsencrypt
  vars:
    letsencrypt_cert_domains: '{{:: domain_names ::}}'
    letsencrypt_email: '{{:: email ::}}'
    letsencrypt_renewal_command_args: '{{:: renewal_command ::}}'
    letsencrypt_webroot_path: '{{:: document_root ::}}'
    letsencrypt_server: "{{:: 'https://acme-staging.api.letsencrypt.org/directory'\
      \ if letsencrypt_staging else None ::}}"
- systemd-services-started:
    frecklet::skip: '{{:: webserver_service_name | true_if_empty ::}}'
    services:
    - '{{:: webserver_service_name ::}}'

frecklecute letsencrypt-cert-exists --help

Usage: frecklecute letsencrypt-cert-exists [OPTIONS]

  Request and setup a lets-encrypt certificate for a hostname.

  This also creates a cron-job that monitors the certificate for expiration,
  and re-news it if necessary.

  If ``webserver_service_name`` is provided, that service is stopped before
  cert request, and restarted after.

Options:
  --domain HOST_NAME              The hostname(s).  [required]
  --document-root DOCUMENT_ROOT   The webroot path for the webserver (check
                                  underlying role for details).
  --email EMAIL                   The email address to use with the
                                  letsencrypt service.
  --letsencrypt-staging / --no-letsencrypt-staging
                                  Whether to use the letsencrypt staging
                                  server instead of production.
  --renewal-command RENEWAL_COMMAND
                                  The command to use for renewal in the cron
                                  job (check underlying role for details).
  --webserver-service-name WEBSERVER_SERVICE_NAME
                                  The webserver service name, to be able to
                                  stop the service before cert request.
  --help                          Show this message and exit.

# -*- coding: utf-8 -*-


#
# module path: pycklets.letsencrypt_cert_exists.LetsencryptCertExists
#


from dataclasses import dataclass
from pyckles import AutoPycklet
from typing import *    # noqa

@dataclass
class LetsencryptCertExists(AutoPycklet):
    """Request and setup a lets-encrypt certificate for a hostname.

     This also creates a cron-job that monitors the certificate for
     expiration, and re-news it if necessary.

     If ``webserver_service_name`` is provided, that service is stopped before cert request, and restarted after.

       Args:
         document_root: The webroot path for the webserver (check underlying role for details).
         domain_names: The hostname(s).
         email: The email address to use with the letsencrypt service.
         letsencrypt_staging: Whether to use the letsencrypt staging server instead of production.
         renewal_command: The command to use for renewal in the cron job (check underlying role for details).
         webserver_service_name: The webserver service name, to be able to stop the service before cert request.

    """

    FRECKLET_ID = "letsencrypt-cert-exists"

    document_root: str = None
    domain_names: List = None
    email: str = None
    letsencrypt_staging: bool = None
    renewal_command: str = None
    webserver_service_name: str = None


    def __post_init__(self):
        super(LetsencryptCertExists, self).__init__(var_names=["document_root", "domain_names", "email", "letsencrypt_staging", "renewal_command", "webserver_service_name"])


frecklet_class = LetsencryptCertExists

# -*- coding: utf-8 -*-


#
# module path: pycklets.letsencrypt_cert_exists.LetsencryptCertExists
#


from pyckles import AutoPycklet

class LetsencryptCertExists(AutoPycklet):
    """Request and setup a lets-encrypt certificate for a hostname.

     This also creates a cron-job that monitors the certificate for
     expiration, and re-news it if necessary.

     If ``webserver_service_name`` is provided, that service is stopped before cert request, and restarted after.

       Args:
         document_root: The webroot path for the webserver (check underlying role for details).
         domain_names: The hostname(s).
         email: The email address to use with the letsencrypt service.
         letsencrypt_staging: Whether to use the letsencrypt staging server instead of production.
         renewal_command: The command to use for renewal in the cron job (check underlying role for details).
         webserver_service_name: The webserver service name, to be able to stop the service before cert request.

    """

    FRECKLET_ID = "letsencrypt-cert-exists"

    def __init__(self, document_root="/var/www", domain_names=None, email=None, letsencrypt_staging=None, renewal_command=None, webserver_service_name=None):

        super(LetsencryptCertExists, self).__init__(var_names=["document_root", "domain_names", "email", "letsencrypt_staging", "renewal_command", "webserver_service_name"])
        self._document_root = document_root
        self._domain_names = domain_names
        self._email = email
        self._letsencrypt_staging = letsencrypt_staging
        self._renewal_command = renewal_command
        self._webserver_service_name = webserver_service_name

    @property
    def document_root(self):
        return self._document_root

    @document_root.setter
    def document_root(self, document_root):
        self._document_root = document_root

    @property
    def domain_names(self):
        return self._domain_names

    @domain_names.setter
    def domain_names(self, domain_names):
        self._domain_names = domain_names

    @property
    def email(self):
        return self._email

    @email.setter
    def email(self, email):
        self._email = email

    @property
    def letsencrypt_staging(self):
        return self._letsencrypt_staging

    @letsencrypt_staging.setter
    def letsencrypt_staging(self, letsencrypt_staging):
        self._letsencrypt_staging = letsencrypt_staging

    @property
    def renewal_command(self):
        return self._renewal_command

    @renewal_command.setter
    def renewal_command(self, renewal_command):
        self._renewal_command = renewal_command

    @property
    def webserver_service_name(self):
        return self._webserver_service_name

    @webserver_service_name.setter
    def webserver_service_name(self, webserver_service_name):
        self._webserver_service_name = webserver_service_name



frecklet_class = LetsencryptCertExists